vulnerability
Oracle Linux: CVE-2015-2675: ELSA-2015-2237: rest security update (LOW)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Aug 18, 2017 | Oct 16, 2024 | Nov 30, 2024 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Aug 18, 2017
Added
Oct 16, 2024
Modified
Nov 30, 2024
Description
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.
Solutions
oracle-linux-upgrade-restoracle-linux-upgrade-rest-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.